Close Menu

    GDPR Privacy Policy

    Last Updated: May 26, 2025

    Welcome to https://mattabbyunpacks.com (the “Website”), owned and operated by Mattia Franchina (“we,” “us,” or “our”), who acts as the Data Controller for the personal data processed through the Website. Our contact email is mattiaunpacks@gmail.com. This Privacy Policy explains how we collect, use, disclose, store, and protect your personal data when you access or use the Website, including its features such as gaming news, product reviews, unboxing articles, embedded YouTube videos, contact forms, newsletters, user accounts, and commenting functionalities. 

    We are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the ePrivacy Directive 2002/58/EC (as amended), and the Italian Personal Data Protection Code (Legislative Decree No. 196/2003, as amended). This policy applies to all users of the Website, regardless of their location, though additional protections may apply to users in the European Economic Area (EEA) or other jurisdictions with mandatory data protection laws.

    By using the Website, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our data practices, please do not use the Website.

    1. Data Controller

    The Data Controller responsible for your personal data is:

    Mattia Franchina

    Email: mattiaunpacks@gmail.com

    Website: https://mattiaunpacks.com/contact

    As the Data Controller, we determine the purposes and means of processing your personal data in accordance with applicable data protection laws.

    2. Personal Data We Collect

    We collect and process the following categories of personal data, depending on how you interact with the Website:

    • Contact Form Data: When you submit an inquiry via the contact form at https://mattiaunpacks.com/contact, we collect your name, email address, and any additional information you provide in the message field.
    • Newsletter Subscription Data: If you subscribe to our newsletter, we collect your email address and, optionally, your name or preferences (e.g., topics of interest).
    • User Account Data: When you create an account to comment on articles, we collect your email address, username, and any optional profile information you provide. We also collect the content of your comments.
    • Usage and Analytics Data: We collect data about your interactions with the Website, such as IP address, browser type, device information, pages visited, time spent on pages, and referring URLs. This data is collected automatically via cookies and similar technologies (e.g., Google Analytics, Google Tags) as described in our Cookie Policy.
    • Yoast SEO Data: Yoast SEO may process data related to content optimization (e.g., metadata, keywords), but this typically does not involve personal data unless linked to user-generated content.

    We do not collect sensitive personal data (e.g., health, political opinions, or biometric data) unless voluntarily provided by you (e.g., in a contact form message), in which case we process it only with your explicit consent.

    3. Purposes and Legal Bases for Processing

    We process your personal data for the following purposes, each grounded in a legal basis under GDPR (Article 6):

    • To Provide and Operate the Website: We process usage data to ensure the Website functions properly, such as loading pages and displaying content (e.g., embedded YouTube videos). Legal Basis: Legitimate interests (Article 6(1)(f) GDPR) in maintaining a functional Website.
    • To Respond to Contact Form Inquiries: We process contact form data to reply to your questions or requests. Legal Basis: Performance of a contract (Article 6(1)(b) GDPR) or legitimate interests in addressing user inquiries.
    • To Send Newsletters: We process your email address and related data to deliver newsletters with gaming news, reviews, or updates, provided you have subscribed. Legal Basis: Consent (Article 6(1)(a) GDPR), obtained during subscription.
    • To Manage User Accounts and Comments: We process account and comment data to enable you to create an account, post comments, and engage with the Website. Legal Basis: Performance of a contract (Article 6(1)(b) GDPR) for account services; consent (Article 6(1)(a) GDPR) for optional profile information.
    • To Analyze and Improve the Website: We use analytics tools (e.g., Google Analytics, Google Tags) to understand user behavior, optimize content, and improve Website performance. Legal Basis: Consent (Article 6(1)(a) GDPR) for non-essential cookies, obtained via our Cookie Banner; legitimate interests (Article 6(1)(f) GDPR) for essential cookies and anonymized data.
    • To Comply with Legal Obligations: We may process data to comply with applicable laws, such as responding to regulatory requests or maintaining records. Legal Basis: Compliance with a legal obligation (Article 6(1)(c) GDPR).
    • To Protect Our Rights and Safety: We may process data to prevent fraud, secure the Website, or enforce our Terms and Conditions. Legal Basis: Legitimate interests (Article 6(1)(f) GDPR) in ensuring Website security.

    Where processing is based on consent, you may withdraw it at any time (see Section 9). Where processing is based on legitimate interests, we have balanced our interests against your rights to ensure your privacy is not unduly impacted, as required by GDPR (Article 6(1)(f)).

    4. How We Collect Personal Data

    We collect personal data in the following ways:

    • Directly from You: When you submit data via the contact form, subscribe to the newsletter, create a user account, or post comments.
    • Automatically: Through cookies, pixels, and similar technologies when you browse the Website. These technologies are managed by us or third-party services (e.g., Google Analytics, Google Tags). See our Cookie Policy for details.
    • From Third Parties: We may receive data from third-party services, such as YouTube (for embedded video interactions), subject to their privacy policies.

    5. Sharing and Disclosure of Personal Data

    We do not sell your personal data. We may share your data with the following recipients, only to the extent necessary and in compliance with GDPR (Articles 28–32):

    • Service Providers: Third-party processors, such as:
      • Google (for Google Analytics and Google Tags) to analyze Website usage.
      • Email marketing platforms (if used for newsletters) to manage subscriptions.
      • Hosting providers to store Website data.
      • These processors act under our instructions and are bound by data processing agreements compliant with GDPR (Article 28).
    • Third-Party Platforms: Embedded YouTube videos may involve data sharing with YouTube (Google), subject to Google’s privacy policy. Yoast SEO may process data for optimization but typically does not share personal data.
    • Legal Authorities: We may disclose data to comply with legal obligations, respond to lawful requests (e.g., from Italian or EU authorities), or protect our rights, as permitted by GDPR (Article 6(1)(c) or (f)).
    • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to a successor entity, with safeguards to ensure GDPR compliance.

    For users under 16, we do not share data without verifiable parental consent, as required by GDPR (Article 8).

    6. International Data Transfers

    As the Website targets an international audience, your data may be transferred to countries outside the EEA (e.g., to Google servers in the United States). We ensure such transfers comply with GDPR (Articles 44–50) through:

    • Standard Contractual Clauses (SCCs) approved by the European Commission.
    • Adequacy Decisions where applicable (e.g., for countries recognized as providing adequate protection).
    • Other Safeguards, such as binding corporate rules or derogations (e.g., explicit consent).

    You may request details of transfer safeguards by contacting us at mattiaunpacks@gmail.com.

    7. Data Retention

    We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer period is required by law:

    • Contact Form Data: Retained for up to 12 months after responding to your inquiry, unless further correspondence is needed.
    • Newsletter Data: Retained until you unsubscribe or withdraw consent, after which data is deleted within 30 days.
    • User Account Data: Retained for as long as your account is active. If you delete your account, data is removed within 30 days, except for comments, which may remain unless you request deletion.
    • Analytics Data: Retained for up to 26 months (Google Analytics default) or as specified in our Cookie Policy, unless anonymized.
    • SEO Data: Aggregated or anonymized data may be retained indefinitely for performance analysis.

    Data required for legal compliance (e.g., tax or regulatory records) is retained for the periods mandated by Italian law (e.g., 10 years under Article 2220 of the Italian Civil Code). After retention periods expire, data is securely deleted or anonymized in accordance with GDPR (Article 32).

    8. Data Security

    We implement technical and organizational measures to protect your data against unauthorized access, loss, or alteration, as required by GDPR (Article 32). These measures include:

    • Encryption of data in transit (e.g., SSL/TLS for Website traffic).
    • Secure storage of data by our hosting provider.
    • Access controls to limit data access to authorized personnel.
    • Regular security assessments of third-party processors.

    Despite these measures, no online system is completely secure. In the event of a data breach, we will notify you and the Italian Data Protection Authority (Garante) within 72 hours, if required by GDPR (Articles 33–34).

    9. Your Data Protection Rights

    As an EEA resident (or under similar laws in other jurisdictions), you have the following rights under GDPR (Articles 15–22):

    • Right of Access: Request a copy of your personal data.
    • Right to Rectification: Correct inaccurate or incomplete data.
    • Right to Erasure (“Right to be Forgotten”): Request deletion of your data, subject to legal exceptions (e.g., compliance obligations).
    • Right to Restriction: Restrict processing in certain cases (e.g., while verifying data accuracy).
    • Right to Data Portability: Receive your data in a structured, machine-readable format or have it transferred to another controller.
    • Right to Object: Object to processing based on legitimate interests (e.g., analytics) or direct marketing.
    • Right to Withdraw Consent: Withdraw consent for processing (e.g., newsletters, non-essential cookies) at any time, without affecting prior processing.
    • Right to Avoid Automated Decision-Making: Not be subject to decisions based solely on automated processing (not currently applicable, as we do not use such processes).

    To exercise these rights, contact us at mattiaunpacks@gmail.com. We will respond within 30 days, extendable by two months for complex requests, as per GDPR (Article 12). If you are unsatisfied with our response, you may lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali) at www.garanteprivacy.it or another supervisory authority in your country of residence.

    10. Cookies and Tracking Technologies

    We use cookies and similar technologies (e.g., pixels, tags) to enhance your experience, analyze usage, and optimize the Website. These include:

    • Essential Cookies: Necessary for Website functionality (e.g., session management).
    • Analytics Cookies: Used by Google Analytics, Google Tags to track usage patterns.
    • Third-Party Cookies: Set by YouTube for embedded videos, which may track viewing behavior.

    You can manage cookie preferences via our Cookie Banner, as required by the ePrivacy Directive and GDPR. For details, see our Cookie Policy at https://mattiaunpacks.com/gdpr-cookie-policy/. Yoast SEO, if used, does not typically involve cookies but may process metadata for optimization.

    11. Children’s Privacy

    The Website is not intended for users under 16, in line with GDPR (Article 8). If you are under 16, you must obtain verifiable parental consent before providing personal data (e.g., creating an account or subscribing to the newsletter). Parents or guardians may contact us at mattiaunpacks@gmail.com to provide consent or request data deletion. We do not knowingly collect data from children under 16 without consent.

    12. Changes to This Privacy Policy

    We may update this Privacy Policy to reflect changes in our data practices, legal requirements, or Website features. Updates will be posted on the Website with the “Last Updated” date. For significant changes, we will notify you via email or a Website notice, as required by GDPR (Article 13). Continued use of the Website after changes constitutes acceptance of the updated policy.

    13. Contact Us

    For questions, requests, or complaints regarding this Privacy Policy or our data practices, contact:

    Mattia Franchina

    Email: mattiaunpacks@gmail.com

    Website: https://mattiaunpacks.com/contact

    We aim to address all inquiries promptly and in compliance with GDPR.